Innovative Digital Solutions for SMBs
Glossary of terms and definitions for IT (Information Technology), the Internet and cyber security.
This glossary provides more than 480 clear and concise definitions of commonly used terms in the fields of information technology, the internet, and cyber security. It is designed to support users of all levels in understanding key concepts, technical jargon, and acronyms frequently encountered across digital platforms and security-related discussions. Whether you are a business owner, student, professional, or simply interested in the digital landscape, this resource aims to enhance your knowledge and confidence in navigating the ever-evolving world of technology.
Email or e-mail (electronic mail) is a system for composing, sending, receiving, and storing electronic messages over the internet or internal networks.
Example: She checked her email for updates from the client.
See also: Email Address
A unique identifier for an email account, typically in the format username@domain, used to send and receive messages.
Example: The customer sent an enquiry to support@company.com for technical assistance.
See also: Email
Metadata found at the start of an email that provides information such as sender, receiver, etc.
Example: The email header showed the sender's IP address.
The practice of forging email headers to make a message appear as though it was sent from a legitimate source, often used in phishing scams.
Example: The phishing email was sent using email spoofing.
A security measure requiring two distinct forms of verification before granting access to a system or account. (Also known as: Two-Step Verification)
Example: When logging into an email account, you enter your password and then input a verification code sent to your email.
See also: MFA, Authentication
The process of removing or altering personal identifiers in data sets to prevent individuals from being identified.
Example: Customer data is anonymised by replacing names and email addresses with generic IDs before being shared with researchers.
A digital file that is sent along with an email or electronic message, which can include documents, images, videos, or other types of data.
Example: She included a PDF attachment with her application to the council.
The process of verifying the identity of a user, system, or device, typically using credentials such as passwords, biometrics, or security tokens, to grant access to secure systems or information.
Example: Logging into your email by entering a username and a password.
See also: Credentials, 2FA, MFA
A trial-and-error method where an attacker tries every possible password combination to gain access to an account.
Example: A hacker uses automated software to guess the password to your email by systematically trying every combination of letters and numbers.
A username and password that has been stolen or exposed, allowing unauthorised access to accounts.
Example: Hackers use compromised credentials from a data breach to log into victims' email accounts.
A type of cyber attack where attackers use large sets of stolen username and password combinations, often obtained from previous data breaches, to gain unauthorised access to multiple online accounts. This attack exploits the common practice of people reusing the same credentials across different platforms and services.
Example: After acquiring a database of stolen login credentials from a breached e-commerce website, attackers attempt to access users' social media and banking accounts using the same email and password combinations.
The practice of securing information by converting it into an unreadable format (encryption) so only authorised users can decode it.
Example: Sending an encrypted email so only the intended recipient, who has the decryption key, can read it.
Tools and strategies designed to prevent unauthorised access, use, or sharing of sensitive data.
Example: A company uses DLP software to prevent employees from sending confidential information via email.
See also: Data Loss
The collection of data and traces left behind by a user's activity on the internet, including browsing history, social media posts, email interactions, and online purchases. This information can be used to build a profile of user behaviour and preferences.
Example: Posting on social media contributes to your digital footprint.
A set of attributes and credentials that represent a person or entity online.
Example: Her digital identity includes her email, username, and biometric data.
An email authentication method that uses cryptographic signatures to verify that an email was sent from an authorised mail server and that its content has not been tampered with during transit.
Example: An outgoing email is digitally signed with DKIM, and the recipient's mail server verifies the signature to confirm its authenticity.
An email authentication protocol that uses SPF and DKIM to verify an email's authenticity and provides domain owners with reporting capabilities to monitor and enforce email authentication policies.
Example: A company implements a DMARC policy to instruct recipient servers to reject any emails that fail SPF or DKIM checks.
A standard email protocol that allows users to access and manage their email messages on a mail server from multiple devices. Unlike POP, IMAP keeps messages on the server, enabling synchronisation across devices.
Example: IMAP allows users to read email from multiple devices.
See also: POP3, Mail Server
A folder or location within an email system where incoming messages are received and stored. The inbox is typically the first place users check to view new or unread emails.
Example: She checked her inbox first thing in the morning for any urgent emails.
See also: Email
A global network of interconnected computers and servers that communicate using standard protocols to share information and resources. It enables access to services such as websites, email, and file sharing across the world.
Example: The internet is used for communication, information, and entertainment.
A technique where an attacker falsifies the source IP address of a data packet to disguise their identity or impersonate a trusted source.
Example: An attacker sends a malicious email that appears to come from a colleague's IP address to trick you into clicking a harmful link.
A company or organisation that provides internet access along with additional services such as email, web hosting, and domain registration, often offering broader packages than an Internet Access Provider (IAP)
Example: They switched ISPs to get faster download speeds.
The first web page a visitor arrives at after clicking a link from an ad, email, or search engine result, often focused on a single objective or message.
Example: The company created a landing page to promote its EOFY sale.
The act of exiting a system or account after use.
Example: She made sure to logout of her email on the public computer.
A computer system that sends, receives, and stores email messages using standard protocols such as SMTP, IMAP, and POP3.
Example: A university manages its own mail server on-site to handle student and staff email communications internally.
See also: Email, IMAP, POP3, SMTP
An attack where a cybercriminal intercepts and possibly alters communication between two parties without their knowledge.
Example: An attacker intercepts data transferred between your laptop and a public Wi-Fi network, stealing login credentials for your email.
Mail Exchange (MX) Record is a DNS record that specifies the mail server responsible for receiving email on behalf of a domain.
Example: To direct email traffic correctly, the domain example.com has an MX record pointing to mail.example.com.
See also: DNS, Mail Server
A social engineering attack where cyber criminals send fraudulent emails or messages designed to trick recipients into revealing sensitive information or clicking malicious links.
Example: You receive an email claiming to be from your bank, asking you to click a link and enter your account details, but the link leads to a fake website.
A standard email protocol used to retrieve emails from a mail server to a local device. POP3 downloads the messages and usually deletes them from the server after download.
Example: She configured her email client to use POP3 so that her messages would be stored on her laptop and not kept on the server.
See also: IMAP, Mail Server
Protective DNS (PDNS) is a security service that analyses and filters DNS queries to prevent access to malicious domains. It blocks connections to phishing sites, malware command-and-control servers, and other cyber threats before they can cause harm.
Example: An employee accidentally clicks on a phishing link in an email. However, the company's PDNS service detects that the domain is linked to known phishing activity and blocks the request, preventing the user from accessing the harmful website.
A group of cyber security professionals that integrates the functions of both the Red Team (attackers) and Blue Team (defenders) to enhance an organisation's security posture. The Purple Team facilitates collaboration and information sharing between the Red and Blue Teams to identify vulnerabilities, improve defences, and ensure effective threat mitigation. Their role is to ensure that offensive testing (Red Team) directly informs defensive strategies (Blue Team).
Example: After the Red Team conducts a simulated phishing attack and successfully compromises user credentials, the Purple Team helps the Blue Team improve email filtering and employee training to prevent future incidents.
A type of malware that encrypts a user's data or system, with attackers demanding payment (ransom) to restore access.
Example: An employee opens a malicious email attachment, causing ransomware to encrypt company files until a ransom is paid.
See also: Malware
An attack where an attacker takes over an active user session to gain unauthorised access to data or services.
Example: An attacker intercepts a user's session token to gain access to their email account.
A standard communication protocol used to send emails from a client to a server or between servers. It handles the delivery of outgoing email messages.
Example: The email client used SMTP to send the message to the recipient's mail server.
See also: Mail Server
A highly targeted phishing attack aimed at a specific individual or organisation, often using personalised details to appear more convincing.
Example: You receive an email that appears to be from your manager, asking you to download an urgent file, which actually contains malware.
See also: Phishing
An email authentication protocol that allows domain owners to specify which mail servers are authorised to send emails on behalf of their domain. It helps prevent email spoofing and phishing.
Example: A company sets up an SPF record in its DNS to specify that only its official mail servers can send emails using its domain.
SSL (Secure Sockets Layer) = A cryptographic protocol designed to establish a secure and encrypted connection between two systems over a network. SSL ensures that data transmitted between these systems remains confidential, authenticated, and protected from interception or tampering. While commonly associated with securing communication between web browsers and web servers (HTTPS), SSL can also secure email communications, file transfers, instant messaging, and other network services. Although SSL has been largely replaced by its successor, TLS (Transport Layer Security), the term "SSL" is still widely used to refer to secure communication protocols.
Example: When you see a padlock icon in your browser's address bar, it indicates the website is using SSL/TLS encryption.
See also: TLS, SSL Certificate
The practice of hiding secret information within other non-suspicious data, such as images or audio files.
Example: Someone embeds a confidential message within an image file and sends it via email. Only the intended recipient, who knows how to extract the hidden text, can read the message.
The total sum of all possible vulnerabilities, entry points, or attack vectors in a system that an attacker could exploit.
Example: A company identifies its threat surface as including its website, email server, customer database, employee laptops and devices, point-of-sale (POS) systems, Wi-Fi network, cloud services, cloud storage, and remote work tools.
TLS (Transport Layer Security) = A cryptographic protocol designed to provide secure and encrypted communication between two systems over a network. TLS ensures data confidentiality, integrity, and authentication during transmission, protecting it from interception, tampering, or forgery. TLS is the successor to SSL (Secure Sockets Layer) and offers improved security, stronger encryption algorithms, and better performance. It is widely used to secure web traffic (HTTPS), email communications, file transfers, instant messaging, and other network-based services.
Example: Websites with HTTPS use TLS to protect data during transactions, such as online banking or shopping.
See also: SSL
A type of phishing attack that targets high-level executives or decision-makers within an organisation to steal sensitive information.
Example: A cybercriminal sends a convincing email to a CEO, impersonating a supplier and requesting a large wire transfer.
See also: Phishing
A type of malware that replicates itself and spreads to other devices, often causing widespread network disruption.
Example: The "ILOVEYOU" worm spread through email attachments, infecting millions of computers worldwide by replicating itself.
An advanced security solution that integrates multiple security layers (such as endpoint, network, cloud, and email security) into a unified platform to provide enhanced threat detection and response capabilities.
Example: An XDR platform detects a phishing email sent to an employee, tracks the related network activity, and automatically blocks any malicious connections to prevent data exfiltration.